User Groups Access and Security tools
From [[http://cpsquare.org CPsquare]], the community of practice on communities of practice.
The user level security features are relevant to all users on a given platforms.
- Security Strength and Trust
- Groups and Roles
This relates to all security features that might be required in the environment for a given user. Trust and privacy is a key component of this type of security.
Uses in communities of practice
Ensure good system security. The benefits that they offer include: privacy, authentication, authorization, and integrity.
- Together/apart, Synch/Asynch:
- Access limited by group membership Limit access to information based on group permissions.
- To align group security with content.
- Password protection Login using a password Useful to ensure the community is restricted to authorized users.
- Clean logout Often logout is not clean, particularly in thin client sessions. This feature allows complete logout and connection tear down.
- For a community to ensure privacy each user must logout properly. The use of this feature guarantees that this happens.
- Single sign-on across tools This feature allows users to sign on once and then access any tool or platform.
- This is useful in the community to provide ease of use for all tools and platforms.
- Passport Support Liberty Support Is Microsoft Passport supported? Is Liberty Alliance supported?
- This is useful if you want to have single sign on and give the system permission to do things on your behalf. This is useful if you want to have single sign on and give the system permission to do things on your behalf.. It is better than passport in that the userID can be hidden.
- Smart Card Support Are smart cards supported?
- Useful to provide "something you have" to increase security.
- Classified Processing Does the environment support classified processing, and at what levels?
- DoD, DND, MoD, RAN, NSA, NIST, FBI, INTERPOL, CIA, RCMP and others need classified systems which are secure enough to guard against the strongest aggressors.
- User Trust Model Can users define who they will trust and not trust?
- Users decide who they trust. It is very useful if you don't trust the central authorities.
- Centralized Trust Model Is there a centralized trust model?
- A central authority decides who is trusted. It assumes that the central authority is good at deciding what risks to take.
- People with Roles Can users have roles?
- Roles are useful to manage information access.
- Groups Can users be grouped?
- Groups are used to manage information access.
- Groups with Roles Can groups have roles?
- Delegation of Roles (including Admin) Can roles be delegated?
- If groups can have roles then groups can receive responsibilities to do different tasks. If roles can be delegated, then the workload can be easily split.